One thing that I could have put into the document is a discussion of
what to do when a field collecting personally identifiable information
is left blank.
For example, suppose Privacy Evaluator sees a field labeled "email"
and the user leaves that field blank and presses "submit". In the
current design Privacy Evaluator will produce a warning. It might
have been better in retrospect to not produce a warning in that case,
since the user did not actually enter any information in that field.
Even though the form is soliciting personally identifiable
information, the user is not necessarily actually in the process of
sending personally identifiable information, so a warning is probably
not called for.
-Rolf
--
| Rolf Nelson (rolf@w3.org), Project Manager, W3C at MIT
| "Try to learn something about everything
| and everything about something." --Huxley